Points to remember for the CISA exam: Digital Signature
(1) A digital signature ensures:
(i) Integrity (i.e., the message has not been tampered with)
(ii) Authentication (i.e., the message was actually sent by the sender)
(iii) Non-repudiation (i.e., the sender cannot later deny sending the message)
(2) However, a digital signature does not provide:
Confidentiality of the message.
(3) In any given scenario, a digital signature encrypts the hash of the message (and not the message itself). Hence a digital signature does not provide confidentiality or privacy.
(4) In any given scenario, the private key of the sender is used to encrypt the hash of the message.
(5) In any given scenario, non-repudiation provides the strongest evidence that a specific transaction/action has occurred. No one can deny the transaction/action.
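Points (1) to (4) as an added worked example, not part of the original notes: the sender hashes the message and transforms only the hash with the private key, the receiver checks it with the public key, and the message itself travels in clear. The toy textbook-RSA key, the function names and the sample message are assumptions constructed for illustration; real signatures use much larger keys and a padding scheme.

```python
import hashlib

# Toy textbook-RSA key pair built from two Mersenne primes.
# Constructed for this example only: too small and unpadded for real use.
P, Q = 2**127 - 1, 2**107 - 1
N = P * Q                                   # public modulus
E = 65537                                   # public exponent (known to everyone)
D = pow(E, -1, (P - 1) * (Q - 1))           # private exponent (sender only)


def digest(message: bytes) -> int:
    """Hash the message and map the digest into the range of the modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N


def sign(message: bytes) -> int:
    """Sender: apply the private key to the hash, not to the message."""
    return pow(digest(message), D, N)


def verify(message: bytes, signature: int) -> bool:
    """Receiver: recover the hash with the public key and compare it
    with a freshly computed hash of the received message."""
    return pow(signature, E, N) == digest(message)


def send(message: bytes) -> dict:
    """What is transmitted: the readable message plus its signature."""
    return {"message": message, "signature": sign(message)}


if __name__ == "__main__":
    packet = send(b"Pay 100 to account 12345")   # constructed sample message
    # Integrity and authentication: the untouched packet verifies.
    print("valid signature:", verify(packet["message"], packet["signature"]))
    # Integrity: any change to the message breaks verification.
    print("tampered message:", verify(b"Pay 900 to account 12345",
                                      packet["signature"]))
    # No confidentiality: anyone on the path can read the message.
    print("visible on the wire:", packet["message"])
```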